Sumo Logic expands security toolset with FactorChain acquisition

When we heard from Sumo Logic last June, the company was announcing a $75 million Series F. Today, they announced they were acquiring FactorChain, a security startup that has raised $3.6 million.

The companies would not disclose the purchase price, but indicated the acquisition closed at the end of Q4 and all 12 FactorChain employees have joined Sumo Logic, including CEO Dave Frampton and CTO Ken Tidwell,.

Sumo is broadly a cloud-based log analysis platform. You can search across logs and analyze data sets. As they looked for ways to expand the product, CEO Ramin Sayer says he saw his customers struggling with traditional security tools, which were designed for an age when security meant protecting the perimeter with a firewall. Today, with data moving in and out of the company from the cloud, security has become a different problem and he believes this acquisition is a big step toward helping solve more modern application security issues in a hybrid cloud world.

What Sumo bought with FactorChain was a tool that can rapidly search across multiple systems to locate security data and find issues quickly. What’s more, FactorChain remembers what you’ve found in the past, so security operations analysts don’t spend a lot of time reinventing the wheel. If you have seen something like an IP address, an email address or any type of identifiable information before, the system remembers, helping analysts save valuable time tracking down issues.

“The FactorChain acquisition accelerates our vision of a new model that converges operations and security in the cloud and provides innovative solutions to persistent challenges in investigation workflows at cloud scale,” Sayer said in a statement.

“The core IP in FactorChain is in how we organize and index data and user navigation of stored and searched data. All of that enables us to run rapid queries of just a second or two across huge data sets and then chain together valuable info, without overwhelming the users,” Dave Frampton, who was CEO of FactorChain, told TechCrunch.

Frampton and Sayar say they have a shared vision of how companies access and analyze data. “It’s not just the base data collection, analytics and platform services, but workflows as well. The bottleneck that exists in traditional security and cloud and modern applications, is in the investigation phase,” Frampton said. His company’s solutions involves identifying threats, going through a cycle of validation, finding if a threat has spread and figuring out what to do based on the data.

FactorChain was founded in 2015. The company hadn’t actually released a product yet, but was working with Beta customers when Sumo approached them about a possible acquisition. Frampton says the two companies fit well together and they saw combining as a way to accelerate their engineering vision for the product much more quickly than they could have done had they stayed independent.

Frampton gets a new title as part of the transition. He becomes VP of security solutions leading the company’s security analytics business. Former CTO Tidwell will have the title of VP of security engineering and will be leading security analytics development and architecture.

The two companies are already working together to integrate FactorChain’s technology deeply into the Sumo Logic product set and they expect to have an announcement of a combined product some time in Q2.

In June, at the time of the Series F funding, Sayer said the funding was the last round before an IPO, and he acknowledged that expanding the product set is part of a broader strategy to work towards that goal.